funsec mailing list archives
Re: More stuff to worry about random number generators:
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Tue, 18 Dec 2007 16:44:16 -0500
On Dec 17, 2007 8:32 PM, Paul Ferguson <fergdawg () netzero net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "Dude VanWinkle" <dudevanwinkle () gmail com> wrote:via bruce:http://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.htmlDual_EC_DRBG Added to Windows Vista Microsoft has added the random-number generator Dual_EC-DRBG to Windows Vista, as part of SP1. Yes, this is the same RNG that could have an NSA backdoor. It's not enabled by default, and my advice is to never enable it. Ever.Windows Vista? What's that? ;-)
Microsoft workstation products are only semi-viable as an option after SP2. This theory of mine held up for 2k and XP. We will see how well it holds up for Vista, but by the look of things, NSA backdoors and all, I might have to come up with another theory.. SP2 usually means over 600 MB of fixed code, but thats with a ~450MB operating system. I wonder if Vista service packs will be relative... -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- More stuff to worry about random number generators: Dude VanWinkle (Dec 17)
- <Possible follow-ups>
- Re: More stuff to worry about random number generators: Paul Ferguson (Dec 17)
- Re: More stuff to worry about random number generators: Valdis . Kletnieks (Dec 17)
- Re: More stuff to worry about random number generators: Dude VanWinkle (Dec 18)
- Re: More stuff to worry about random number generators: Kitsune (Dec 18)
- Re: More stuff to worry about random number generators: Valdis . Kletnieks (Dec 18)
- Re: More stuff to worry about random number generators: Dude VanWinkle (Dec 19)